Lucene search

[email protected]CVE-2010-3606

HistorySep 24, 2010 - 9:00 p.m.

CVE-2010-3606

2010-09-2421:00:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

2010

3606

directory traversal

vulnerabilities

agents/index.php

netart media real estate portal 2.0

remote attackers

arbitrary local files

nvd

8.1 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.7%

JSON

Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters.

CPENameOperatorVersion
netartmedia:real_estate_portalnetartmedia real estate portaleq2.0

CPE	Name	Operator	Version
netartmedia:real_estate_portal	netartmedia real estate portal	eq	2.0

References

osvdb.org/68062

pridels-team.blogspot.com/2010/09/netartmedia-real-estate-portal-v20-xss.html

secunia.com/advisories/41377

www.securityfocus.com/bid/43266

exchange.xforce.ibmcloud.com/vulnerabilities/61867

8.1 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.7%

JSON

Related for CVE-2010-3606

prion1 cvelist1